package com.zy.config;

import com.zy.service.JurisdictionService;
import com.zy.service.RoleService;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.cache.ehcache.EhCacheManager;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import javax.annotation.Resource;
import java.util.HashMap;
import java.util.Map;

@Configuration
public class ShiroConfig {
    @Resource
    private RoleService roleService;
    @Resource
    private JurisdictionService jurisdictionService;
    //securityManager
    @Bean
    public SecurityManager securityManager(){
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        //指向自定义的realm
        securityManager.setRealm(homeRealm());
        securityManager.setCacheManager(ehCacheManager());
        return securityManager;
    }
    //shiroFilterFactoryBean   过滤器 入口类
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(){
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        //指向securityManager
        shiroFilterFactoryBean.setSecurityManager(securityManager());
        Map<String,String> filterchains = new HashMap<>();
        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterchains);
        filterchains.put("/logout","logout");//退出默认的路径    /
        filterchains.put("/**","authc");//所有的请求都需要认证
        filterchains.put("/common/**","anon");//anon不需要认证
        filterchains.put("/css/**","anon");
        filterchains.put("/webjars/**","anon");
        filterchains.put("/login","anon");

        shiroFilterFactoryBean.setLoginUrl("/login");//认证失败跳转的路径-->登陆页面

        return shiroFilterFactoryBean;
    }
    //realm  自定义
    @Bean
    public HomeRealm homeRealm(){
        HomeRealm homeRealm = new HomeRealm();
        //数据 根据用户编码查询
        homeRealm.setRoleService(roleService);
        homeRealm.setJurisdictionService(jurisdictionService);
        //指向凭证
        homeRealm.setCredentialsMatcher(hashedCredentialsMatcher());
        return  homeRealm;
    }

    //认证凭证器
    @Bean
    public HashedCredentialsMatcher hashedCredentialsMatcher(){
        HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
        //算法
        hashedCredentialsMatcher.setHashAlgorithmName("md5");
        //散列次数
        hashedCredentialsMatcher.setHashIterations(1);
        return hashedCredentialsMatcher;
    }

    //开启shiro注解形式
    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(){
        AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
        advisor.setSecurityManager(securityManager());
        return advisor;
    }

    //缓存管理器
    @Bean
    public EhCacheManager ehCacheManager(){
        EhCacheManager ehCacheManager = new EhCacheManager();
        ehCacheManager.setCacheManagerConfigFile("classpath:shiro-ehcache.xml");
        return ehCacheManager;
    }
}
